Use fetchurl for amd-uprof

It will not work without the host /lib64/ld

pkgs/amd-uprof/default.nix

@@ -1,8 +1,6 @@
 { stdenv
 , lib
-, curl
-, cacert
-, runCommandLocal
+, fetchurl
 , autoPatchelfHook
 , elfutils
 , glib
@@ -26,26 +24,26 @@ let
   tarball = "AMDuProf_Linux_x64_${version}.tar.bz2";
 
   # NOTE: Remember to update the radare2 patch below if AMDuProfPcm changes.
-  uprofSrc = runCommandLocal tarball {
-    nativeBuildInputs = [ curl ];
-    outputHash = "sha256-j9gxcBcIg6Zhc5FglUXf/VV9bKSo+PAKeootbN7ggYk=";
-    SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt";
-  } ''
-    curl \
-    -o $out \
-    'https://download.amd.com/developer/eula/uprof/uprof-5-1/${tarball}' \
-    -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0' \
-    -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-    -H 'Accept-Language: en-US,en;q=0.5' \
-    -H 'Accept-Encoding: gzip, deflate, br, zstd' \
-    -H 'Referer: https://www.amd.com/' 2>&1 | tr '\r' '\n'
-  '';
+  src = fetchurl {
+    url = "https://download.amd.com/developer/eula/uprof/uprof-5-1/${tarball}";
+    sha256 = "sha256-jAmsw/xmctJ2r7BKyuA+9exLgZbu3cvrYtyRUUTt8sM=";
+    curlOptsList = [
+      "-H" "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0"
+      "-H" "'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'"
+      "-H" "Accept-Language: en-US,en;q=0.5"
+      "-H" "Accept-Encoding: gzip, deflate, br, zstd"
+      "-H" "Referer: https://www.amd.com/"
+    ];
+    downloadToTemp = true;
+    postFetch = ''
+      cat "$downloadedFile" | tr '\r' '\n' > "$out"
+    '';
+  };
 
 in
   stdenv.mkDerivation {
     pname = "AMD-uProf";
-    inherit version;
-    src = uprofSrc;
+    inherit src version;
     dontStrip = true;
     phases = [ "installPhase" "fixupPhase" ];
     nativeBuildInputs = [ autoPatchelfHook radare2 ];

pkgs/nanos6/jemalloc.nix

@@ -5,6 +5,7 @@ jemalloc.overrideAttrs (old: {
     "--with-jemalloc-prefix=nanos6_je_"
     "--enable-stats"
   ];
+  enableParallelBuilding = true;
   hardeningDisable = [ "all" ];
   meta = old.meta // {
     description = old.meta.description + " (for Nanos6)";

pkgs/nix-portable/default.nix

@@ -14,6 +14,7 @@ with builtins;
     "gitMinimal"
     "netcat-openbsd"
     "openssh"
+    "bashInteractive"
   ],
 
   busybox,
@@ -178,10 +179,6 @@ let
     store="\$dir/nix/store"
     # create /nix/var/nix to prevent nix from falling back to chroot store.
     mkdir -p \$dir/{bin,nix/var/nix,nix/store}
-    # sanitize the tmpbin directory
-    rm -rf "\$dir/tmpbin"
-    # create a directory to hold executable symlinks for overriding
-    mkdir -p "\$dir/tmpbin"
 
     # create minimal drv file for nix to spawn a nix shell
     echo 'builtins.derivation {name="foo"; builder="/bin/sh"; args = ["-c" "echo hello \> \\\$out"]; system=builtins.currentSystem;}' > "\$dir/mini-drv.nix"
@@ -210,6 +207,13 @@ let
       echo "experimental-features = nix-command flakes" >> \$dir/conf/nix.conf
       echo "ignored-acls = security.selinux system.nfs4_acl" >> \$dir/conf/nix.conf
       echo "sandbox-paths = /bin/sh=\$dir/busybox/bin/busybox" >> \$dir/conf/nix.conf
+      echo "extra-substituters = https://jungle.bsc.es/cache">> \$dir/conf/nix.conf
+      echo "extra-trusted-public-keys = jungle.bsc.es:pEc7MlAT0HEwLQYPtpkPLwRsGf80ZI26aj29zMw/HH0=" >> \$dir/conf/nix.conf
+
+      echo "extra-system-features = sys-devices" >> \$dir/conf/nix.conf
+      echo "extra-sandbox-paths = /sys/devices/system/cpu=/sys/devices/system/cpu /sys/devices/system/node=/sys/devices/system/node" >> \$dir/conf/nix.conf
+      echo "extra-trusted-users = @bsc" >> \$dir/conf/nix.conf
+
 
       # configurable config
       echo "sandbox = \$NP_CONF_SANDBOX" >> \$dir/conf/nix.conf
@@ -260,7 +264,9 @@ let
       recreate_nix_conf
     fi
 
-
+    # Override $SHELL with nix bashInteractive
+    export SHELL="${pkgs.bashInteractive.out}/bin/bash"
+    export PS1="\n\[\033[1;32m\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\$\[\033[0m\] "
 
     ### setup SSL
     # find ssl certs or use from nixpkgs
@@ -339,6 +345,7 @@ let
       toBind="\$toBind \$dir/busybox/bin /bin"
       # provide /bin/sh via the shipped busybox
       toBind="\$toBind \$dir/busybox/bin/busybox /bin/sh"
+      toBind="\$toBind \$dir/busybox/bin/busybox /usr/bin/env"
 
       # on termux, make sure termux packages still work inside the nix-portable environment
       if [ -n "\$TERMUX_VERSION" ]; then
@@ -377,7 +384,6 @@ let
 
     ### select container runtime
     debug "figuring out which runtime to use"
-    [ -z "\$NP_BWRAP" ] && NP_BWRAP=\$(PATH="\$PATH_OLD:\$PATH" which bwrap 2>/dev/null) || true
     [ -z "\$NP_BWRAP" ] && NP_BWRAP=\$dir/bin/bwrap
     debug "bwrap executable: \$NP_BWRAP"
     [ -z "\$NP_NIX" ] && NP_NIX=\$dir/bin/nix
@@ -573,11 +579,6 @@ let
     ### set PATH
     # restore original PATH and append busybox
     export PATH="\$PATH_OLD:\$dir/busybox/bin"
-    # apply overriding executable paths in \$dir/tmpbin/
-    export PATH="\$dir/tmpbin:\$PATH"
-
-
-
 
     ### install programs via nix
     ${concatMapStringsSep "\n" installDynamic bootstrapPrograms}
@@ -609,7 +610,17 @@ let
 
   runtimeScriptEscaped = replaceStrings ["\""] ["\\\""] runtimeScript;
 
-  nixPortable = pkgs.runCommand pname {nativeBuildInputs = [unixtools.xxd unzip];} ''
+  nixPortable = pkgs.runCommand pname {
+    nativeBuildInputs = [unixtools.xxd unzip];
+
+    meta = {
+      homepage = "https://github.com/DavHau/nix-portable";
+      description = "Nix - Static, Permissionless, Installation-free, Pre-configured for mn5";
+      maintainers = with lib.maintainers.bsc; [ abonerib ];
+      platforms = lib.platforms.linux;
+      license = lib.licenses.mit;
+    };
+  } ''
     mkdir -p $out/bin
     echo "${runtimeScriptEscaped}" > $out/bin/nix-portable.zip
     xxd $out/bin/nix-portable.zip | tail